Overview

overview

10

Static

static

1

ce5c5ebc79...8.html

windows7-x64

10

ce5c5ebc79...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06-12-2024 18:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ce5c5ebc79ce24a8084d1c6a379a8e5d_JaffaCakes118.html

  • Size

    107KB

  • MD5

    ce5c5ebc79ce24a8084d1c6a379a8e5d

  • SHA1

    e5db627573025537bbc0adf7dfc2a936812055ea

  • SHA256

    7dff5bb591155dbefe6b723e8bd60581448977366758caa202ed4c69dd669820

  • SHA512

    3a8fd2523cd8261ee002a86ffa5f5cd7c323b9ce1a52bca5ed65c518833500b3e2508b9a63eab48022f92d454d5c81c079f492347829cd4a796cbf5b9346c47a

  • SSDEEP

    3072:Ww7zyP5XFXjI22U6ogpY04MHFc3fqt5+G5QodzhN4twnA:9zyP5pM22U6oguGA

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ce5c5ebc79ce24a8084d1c6a379a8e5d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1996
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1996 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2252

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9dd30a3a2e22a5a411b71713b1ee4d1b

    SHA1

    e4e4ce3a10276dc51386907ea423c38722ee6d8b

    SHA256

    0bfe04c8219aca5e125f01088c76f17202a05f37447c68c3fea8874482632e92

    SHA512

    3e9eb50db94a2695f5305818ca8fdde85ab6ef11a96c0d55b957dcb5008b47f5e927d3604c02e2dc2a6e968321d518d2fcdfc01db0ce95da6dc9ca6f5e6c7b31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee1bfed646dec7a15c2adca647de2a47

    SHA1

    8d776214ebf6ee8da359141cacdea8e1889736d5

    SHA256

    cc3135514fd1df122508be6b9f79f8c2967c71baa2b480486c134796b54ad1b4

    SHA512

    a742ffa9f47d4ed13dfbc6ff9854ae969808141e8ddc4f67ec6fae5667e74a54823b50697d876e2662d69c16cfd5e82c22c5b49e5a6f29d15d7001fa6276f116

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f4fc4aa2a502fa45bc67cf35823fd6c

    SHA1

    595e478a708998df632f9ad0cc160d640efcfaa8

    SHA256

    6865f306f3cb794d596049b207103301e64afb2ce9926f9660c28f38c70df051

    SHA512

    b7efd4541c6804c44019d4549b2284fcd41b96f682e46d35b364692eb9b4fa201c2cdf3224e610778c949755d8ca3925de532ec2efa10235140287936b601a8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    952a6c39c22772d81aa9f223423b3a0f

    SHA1

    08d493d766e6d2403b5980ab745ee70d31d0c103

    SHA256

    377c1cb0e1bd891fc5877ca3879bb39cf17c244975a965e9f73b151ecc24590b

    SHA512

    75f23f6672c501ad9e582a6d9a7479e51a8da531389e35b7ecb3c3cad874a20ad4fb2e4ad58ad47a4563b9cce014a7294811eed5e73a621448b0b18e6e5f5201

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bce66d6630aa0601013d6b47a172b9e3

    SHA1

    d13d7fd3fe95e4babba068cb73ccdc92c6a41dbe

    SHA256

    fee62c3f4bcd0126c2007d84356364068a0cd5c35cf089cc19f9fdd2bcec41d4

    SHA512

    8d34bb4dfd023c2929018d9a3e3bede8aca1a960af83de7d5a582ae5117b53118bde62f69ed0e6dc0d9a468a918766ea005f95b2b28608e7b3653cfca5f2ab90

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae88c8d465078e2a58d69a407e997334

    SHA1

    b8aaef332c762b89fa8c696588e590529009643a

    SHA256

    577b3c0fef3eca84c127a1654da1416a17f1ae11eccf4fcd5743ea72fa36b25e

    SHA512

    8d2c57ae9ce4741502a057aa084f056972bcb0b37da451fd7f6830ebf820ce83d9f7c3b4aca0d016eb60694825c19a5d395f6d5a8e5e35404a1e0f02fffb9ffa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1681cd362372d3751eb9e49730ac1c74

    SHA1

    8ac3ef8aa18cf7fc4c5e8695808eb666816d8ad5

    SHA256

    2b916a936b273b561ec7027b913bc8d2deef56dce1f9e1e7ebb8adee14159777

    SHA512

    5b34da18e6360cac3896eb68b9d41b2c2ef19f8782440ffcf5fb759925d9c937f73e0ed3ec73ac3fa027e79dc8aaccb659697953f68d45b0d69ad8bfd9f06bdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff930f46d5189fe3792a7cc2db87ee44

    SHA1

    f6f53fd439291ce440e1ad83f08fbfcf5a612a4f

    SHA256

    c19304ac53462574db9c45964ba13dc817258c16a80ae87e4f6f2d9923a24ed9

    SHA512

    163cad01960b6df686ed85f06b00bc9c876e86856097eff95b345ba2655e3dcb2aa075ee68de96a48e07ba1b3a59007882d3046370b7b0c6a3ed17f91a20a10e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e6936f5bdc5d52cdf571a953b56ddfc

    SHA1

    685c7186e72ca7e642cc7cf58cbbc3535706a760

    SHA256

    48baf7d887ec419d18a483dd61d05e902924c175357cc06193b0e0b631311a0d

    SHA512

    692972de437277002bdd7381d815416cdc1a1994317335ba3d496a0901f82b4d3a487dbf660af1ae0bb564185e4f94b695635e9ed2de50aa1b9f56357ebefe17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfec3593a3e20c2e62f21ce033033559

    SHA1

    3afb1cc22ac0fbd82f0b541e33641c3686007978

    SHA256

    4d0ba2295a2438af4e5871f1393dba5b22fd0f41b9d0073ab3a8cded5368cad5

    SHA512

    570198145d13b50144b7a97928356552b56bb080de116d4a95aa270804fe84973cd6bf2c701ba5feb82e421a23f66ef6074ff516462252ce47d689a7faf03a53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fda52c3496a1f93de276f2909ef8670

    SHA1

    c6a4dfa412adb32c803983c7d803b6b614cc965d

    SHA256

    475242048c85c95e00bb674391e41ab150ec187f82a313aa48d763973eb31c44

    SHA512

    7a420474a66a10f60a98644259408ba5b3529a3dffde56c3ebdeb7d8119d2923cabf608b7cd36ec8dc1802241121737ef88c751ee02702b5b51af9f6097480b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    139947e0b988d94ac370c0e53843a8d9

    SHA1

    21bf9d0eb144f434c05e97e843465f97596a03d2

    SHA256

    cccfb2a0d0911e1ac1ea1ece2684c59220081c101ab0fe4d101a17afa7d8c01d

    SHA512

    18e97f3ace83a9a8a6e4a7619c3868d8e2d8e794213f86fa98980d386c2cb692808c823c11af1f9a24b1ec8de8e8ec3576cd928c635a26487449d92d50e8f1af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b3ddd913cf30f1f48e02523495cfbcee

    SHA1

    4f363fe17989ac83be1e7fa604a3c7228764cb46

    SHA256

    75e241a1a1750ffa5b91da7269a75c981d85e734f26ea17f318634a1f36a413f

    SHA512

    5cb9055eeeed7900ea3025cb087f08ad0a02fab5e21fecf40a0717b54daecc4b56f9e455300a483535d0b4544a0bb5d06c5147598e4e45e141a03cf6dc70be3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    84a09324c8f2bd36f8277a8b55cb2aa0

    SHA1

    a8cc6cf92002c9039be30ea47c6849b704337b05

    SHA256

    e0499bad5febcd224d36bf88603a9514e27fa897031e1b5005b55e86040081b2

    SHA512

    8859f38be3a6603a9c868a09cd24bc7aa4a546c9510fc95881c1444a7cf8d43f50216d0731862d237f6b4d87cc8c6767ab87d270d889f60996bcae59eb292ee2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LNUKNV0\ga[1].js
    Filesize

    45KB

    MD5

    e9372f0ebbcf71f851e3d321ef2a8e5a

    SHA1

    2c7d19d1af7d97085c977d1b69dcb8b84483d87c

    SHA256

    1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

    SHA512

    c3a1c74ac968fc2fa366d9c25442162773db9af1289adfb165fc71e7750a7e62bd22f424f241730f3c2427afff8a540c214b3b97219a360a231d4875e6ddee6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAE3FJ0M\f[1].txt
    Filesize

    40KB

    MD5

    c039930144c53053075c717cbcd132e9

    SHA1

    06f40d886d32054f96335d85fcbc4884078682d4

    SHA256

    c7f2fdac66dee088b86d286cced345ebcd81bca232b77306174ee9cee8ec393a

    SHA512

    24a637eb1b5e6a4837ea7af9dd088aaf28c517596cb4037eee82b49421cd826053f39445cc1a8f5a7f73b4a39bc8e3ebfa65d5c3389dbc3e8e1d57db860b1c55

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDBE0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE42D.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit